@geolonia/geonicdb-cli 0.2.0 → 0.4.0

package/README.md

@@ -77,6 +77,7 @@ geonic entities list --help
 | `-f, --format <fmt>` | Output format: `json`, `table`, `geojson` |
 | `--no-color` | Disable color output |
 | `-v, --verbose` | Verbose output |
+| `--dry-run` | Print the equivalent `curl` command without executing |
 
 Options are resolved in this order (first wins):
 
@@ -388,6 +389,31 @@ Specify the output format with `--format` or `geonic config set format <fmt>`.
 
 Use `--key-values` on `entities list` and `entities get` to request simplified key-value format from the API.
 
+## Dry Run
+
+Use `--dry-run` on any command to print the equivalent `curl` command instead of executing the request. The output can be copied and run directly in a terminal.
+
+```bash
+$ geonic entities list --type Sensor --dry-run
+curl \
+  -H 'Content-Type: application/ld+json' \
+  -H 'Accept: application/ld+json' \
+  -H 'Authorization: Bearer <token>' \
+  'http://localhost:3000/ngsi-ld/v1/entities?type=Sensor'
+```
+
+Works with all operations including POST with body:
+
+```bash
+$ geonic entities create '{"id":"Room1","type":"Room"}' --dry-run
+curl \
+  -X POST \
+  -H 'Content-Type: application/ld+json' \
+  -H 'Accept: application/ld+json' \
+  -d '{"id":"Room1","type":"Room"}' \
+  'http://localhost:3000/ngsi-ld/v1/entities'
+```
+
 ## Configuration
 
 The CLI stores configuration in `~/.config/geonic/config.json`.

package/dist/index.js

@@ -584,15 +584,54 @@ function registerConfigCommand(program2) {
 // src/commands/auth.ts
 import { Command } from "commander";
 
+// src/oauth.ts
+async function clientCredentialsGrant(options) {
+  const url = new URL("/oauth/token", options.baseUrl).toString();
+  const credentials = Buffer.from(`${options.clientId}:${options.clientSecret}`).toString("base64");
+  const body = { grant_type: "client_credentials" };
+  if (options.scope) {
+    body.scope = options.scope;
+  }
+  const response = await fetch(url, {
+    method: "POST",
+    headers: {
+      "Content-Type": "application/json",
+      Authorization: `Basic ${credentials}`
+    },
+    body: JSON.stringify(body)
+  });
+  if (!response.ok) {
+    const text = await response.text();
+    let message;
+    try {
+      const err = JSON.parse(text);
+      message = err.error_description ?? err.error ?? text;
+    } catch {
+      message = text || `HTTP ${response.status}`;
+    }
+    throw new Error(`OAuth token request failed: ${message}`);
+  }
+  return await response.json();
+}
+
 // src/client.ts
+var DryRunSignal = class extends Error {
+  constructor() {
+    super("dry-run");
+    this.name = "DryRunSignal";
+  }
+};
 var GdbClient = class _GdbClient {
   baseUrl;
   service;
   token;
   refreshToken;
   apiKey;
+  clientId;
+  clientSecret;
   onTokenRefresh;
   verbose;
+  dryRun;
   refreshPromise;
   constructor(options) {
     this.baseUrl = options.baseUrl.replace(/\/+$/, "");
@@ -600,8 +639,11 @@ var GdbClient = class _GdbClient {
     this.token = options.token;
     this.refreshToken = options.refreshToken;
     this.apiKey = options.apiKey;
+    this.clientId = options.clientId;
+    this.clientSecret = options.clientSecret;
     this.onTokenRefresh = options.onTokenRefresh;
     this.verbose = options.verbose ?? false;
+    this.dryRun = options.dryRun ?? false;
   }
   buildHeaders(extra) {
     const headers = {};
@@ -682,8 +724,30 @@ var GdbClient = class _GdbClient {
     });
     process.stderr.write("\n");
   }
+  static shellQuote(value) {
+    return `'${value.split("'").join(`'"'"'`)}'`;
+  }
+  static buildCurlCommand(method, url, headers, body) {
+    const parts = ["curl"];
+    if (method !== "GET") {
+      parts.push(`-X ${method}`);
+    }
+    for (const [key, value] of Object.entries(headers)) {
+      parts.push(`-H ${_GdbClient.shellQuote(`${key}: ${value}`)}`);
+    }
+    if (body) {
+      parts.push(`-d ${_GdbClient.shellQuote(body)}`);
+    }
+    parts.push(_GdbClient.shellQuote(url));
+    return parts.join(" \\\n  ");
+  }
+  handleDryRun(method, url, headers, body) {
+    if (!this.dryRun) return;
+    console.log(_GdbClient.buildCurlCommand(method, url, headers, body));
+    throw new DryRunSignal();
+  }
   canRefresh() {
-    return !!this.refreshToken && !this.apiKey;
+    return (!!this.refreshToken || !!this.clientId && !!this.clientSecret) && !this.apiKey;
   }
   async performTokenRefresh() {
     if (this.refreshPromise) return this.refreshPromise;
@@ -695,32 +759,50 @@ var GdbClient = class _GdbClient {
     }
   }
   async doRefresh() {
-    if (!this.refreshToken) return false;
-    try {
-      const url = this.buildUrl("/auth/refresh");
-      const response = await fetch(url, {
-        method: "POST",
-        headers: { "Content-Type": "application/json" },
-        body: JSON.stringify({ refreshToken: this.refreshToken })
-      });
-      if (!response.ok) return false;
-      const data = await response.json();
-      const newToken = data.accessToken ?? data.token;
-      const newRefreshToken = data.refreshToken;
-      if (!newToken) return false;
-      this.token = newToken;
-      if (newRefreshToken) this.refreshToken = newRefreshToken;
-      this.onTokenRefresh?.(newToken, newRefreshToken);
-      return true;
-    } catch {
-      return false;
+    if (this.refreshToken) {
+      try {
+        const url = this.buildUrl("/auth/refresh");
+        const response = await fetch(url, {
+          method: "POST",
+          headers: { "Content-Type": "application/json" },
+          body: JSON.stringify({ refreshToken: this.refreshToken })
+        });
+        if (response.ok) {
+          const data = await response.json();
+          const newToken = data.accessToken ?? data.token;
+          const newRefreshToken = data.refreshToken;
+          if (newToken) {
+            this.token = newToken;
+            if (newRefreshToken) this.refreshToken = newRefreshToken;
+            this.onTokenRefresh?.(newToken, newRefreshToken);
+            return true;
+          }
+        }
+      } catch {
+      }
     }
+    if (this.clientId && this.clientSecret) {
+      try {
+        const result = await clientCredentialsGrant({
+          baseUrl: this.baseUrl,
+          clientId: this.clientId,
+          clientSecret: this.clientSecret
+        });
+        this.token = result.access_token;
+        this.onTokenRefresh?.(result.access_token);
+        return true;
+      } catch {
+        return false;
+      }
+    }
+    return false;
   }
   async executeRequest(method, path, options) {
     const url = this.buildUrl(`${this.getBasePath()}${path}`, options?.params);
     const headers = this.buildHeaders(options?.headers);
     const body = options?.body ? JSON.stringify(options.body) : void 0;
     this.logRequest(method, url, headers, body);
+    this.handleDryRun(method, url, headers, body);
     const response = await fetch(url, { method, headers, body });
     this.logResponse(response);
     const countHeader = response.headers.get("NGSILD-Results-Count");
@@ -745,6 +827,7 @@ var GdbClient = class _GdbClient {
     const headers = this.buildHeaders(options?.headers);
     const body = options?.body ? JSON.stringify(options.body) : void 0;
     this.logRequest(method, url, headers, body);
+    this.handleDryRun(method, url, headers, body);
     const response = await fetch(url, { method, headers, body });
     this.logResponse(response);
     let data;
@@ -826,7 +909,8 @@ function resolveOptions(cmd) {
     color: opts.color,
     verbose: opts.verbose,
     profile: opts.profile,
-    apiKey: opts.apiKey ?? process.env.GDB_API_KEY ?? config.apiKey
+    apiKey: opts.apiKey ?? process.env.GDB_API_KEY ?? config.apiKey,
+    dryRun: opts.dryRun
   };
 }
 function createClient(cmd) {
@@ -844,6 +928,8 @@ function createClient(cmd) {
     service: opts.service,
     token: opts.token,
     refreshToken: usingCliToken ? void 0 : config.refreshToken,
+    clientId: usingCliToken ? void 0 : config.clientId,
+    clientSecret: usingCliToken ? void 0 : config.clientSecret,
     apiKey: opts.apiKey,
     onTokenRefresh: usingCliToken ? void 0 : (token, refreshToken) => {
       const cfg = loadConfig(opts.profile);
@@ -851,7 +937,8 @@ function createClient(cmd) {
       if (refreshToken) cfg.refreshToken = refreshToken;
       saveConfig(cfg, opts.profile);
     },
-    verbose: opts.verbose
+    verbose: opts.verbose,
+    dryRun: opts.dryRun
   });
 }
 function getFormat(cmd) {
@@ -871,6 +958,9 @@ function withErrorHandler(fn) {
     try {
       await fn(...args);
     } catch (err) {
+      if (err instanceof DryRunSignal) {
+        return;
+      }
       if (err instanceof GdbClientError && err.status === 401) {
         printError("Authentication failed. Please run `geonic login` to re-authenticate.");
       } else if (err instanceof Error) {
@@ -1020,35 +1110,217 @@ function formatDuration(ms) {
   return parts.join(" ");
 }
 
-// src/oauth.ts
-async function clientCredentialsGrant(options) {
-  const url = new URL("/oauth/token", options.baseUrl).toString();
-  const credentials = Buffer.from(`${options.clientId}:${options.clientSecret}`).toString("base64");
-  const params = new URLSearchParams();
-  params.set("grant_type", "client_credentials");
-  if (options.scope) {
-    params.set("scope", options.scope);
+// src/input.ts
+import JSON5 from "json5";
+import { readFileSync as readFileSync2 } from "fs";
+import { createInterface as createInterface2 } from "readline";
+async function parseJsonInput(input) {
+  if (input !== void 0) {
+    if (input === "-") return parseData(readFileSync2(0, "utf-8"));
+    if (input.startsWith("@")) return parseData(readFileSync2(input.slice(1), "utf-8"));
+    return parseData(input);
   }
-  const response = await fetch(url, {
-    method: "POST",
-    headers: {
-      "Content-Type": "application/x-www-form-urlencoded",
-      Authorization: `Basic ${credentials}`
-    },
-    body: params.toString()
+  if (!process.stdin.isTTY) {
+    return parseData(readFileSync2(0, "utf-8"));
+  }
+  return readInteractiveJson();
+}
+function parseData(text) {
+  return JSON5.parse(text.trim());
+}
+async function readInteractiveJson() {
+  const rl = createInterface2({
+    input: process.stdin,
+    output: process.stderr,
+    prompt: "json> "
   });
-  if (!response.ok) {
-    const text = await response.text();
-    let message;
-    try {
-      const err = JSON.parse(text);
-      message = err.error_description ?? err.error ?? text;
-    } catch {
-      message = text || `HTTP ${response.status}`;
+  process.stderr.write("Enter JSON (auto-submits when braces close, Ctrl+C to cancel):\n");
+  rl.prompt();
+  const lines = [];
+  let depth = 0;
+  let started = false;
+  let inBlockComment = false;
+  let inString = false;
+  let stringChar = "";
+  let cancelled = false;
+  return new Promise((resolve, reject) => {
+    rl.on("SIGINT", () => {
+      cancelled = true;
+      rl.close();
+    });
+    rl.on("line", (line) => {
+      lines.push(line);
+      const result = trackDepth(line, depth, started, inBlockComment, inString, stringChar);
+      depth = result.depth;
+      started = result.started;
+      inBlockComment = result.inBlockComment;
+      inString = result.inString;
+      stringChar = result.stringChar;
+      if (started && depth <= 0 && !inBlockComment && !inString) {
+        rl.close();
+        try {
+          resolve(parseData(lines.join("\n")));
+        } catch (err) {
+          reject(err);
+        }
+      } else {
+        rl.setPrompt("...  ");
+        rl.prompt();
+      }
+    });
+    rl.on("close", () => {
+      if (cancelled) {
+        reject(new Error("Input cancelled."));
+        return;
+      }
+      if (lines.length > 0 && (!started || depth > 0 || inBlockComment || inString)) {
+        try {
+          resolve(parseData(lines.join("\n")));
+        } catch (err) {
+          reject(err);
+        }
+      } else if (lines.length === 0) {
+        reject(new Error("No input provided."));
+      }
+    });
+  });
+}
+function trackDepth(line, depth, started, inBlockComment, inString, stringChar) {
+  for (let i = 0; i < line.length; i++) {
+    const ch = line[i];
+    const next = i + 1 < line.length ? line[i + 1] : "";
+    if (inBlockComment) {
+      if (ch === "*" && next === "/") {
+        inBlockComment = false;
+        i++;
+      }
+      continue;
+    }
+    if (inString) {
+      if (ch === "\\" && i + 1 < line.length) {
+        i++;
+      } else if (ch === stringChar) {
+        inString = false;
+      }
+      continue;
+    }
+    if (ch === "/" && next === "/") break;
+    if (ch === "/" && next === "*") {
+      inBlockComment = true;
+      i++;
+      continue;
+    }
+    if (ch === '"' || ch === "'") {
+      inString = true;
+      stringChar = ch;
+    } else if (ch === "{" || ch === "[") {
+      depth++;
+      started = true;
+    } else if (ch === "}" || ch === "]") {
+      depth--;
     }
-    throw new Error(`OAuth token request failed: ${message}`);
   }
-  return await response.json();
+  return { depth, started, inBlockComment, inString, stringChar };
+}
+
+// src/commands/me-oauth-clients.ts
+function addMeOAuthClientsSubcommand(me) {
+  const oauthClients = me.command("oauth-clients").description("Manage your OAuth clients");
+  const list = oauthClients.command("list").description("List your OAuth clients").action(
+    withErrorHandler(async (_opts, cmd) => {
+      const client = createClient(cmd);
+      const format = getFormat(cmd);
+      const response = await client.rawRequest("GET", "/me/oauth-clients");
+      outputResponse(response, format);
+    })
+  );
+  addExamples(list, [
+    {
+      description: "List your OAuth clients",
+      command: "geonic me oauth-clients list"
+    }
+  ]);
+  const create = oauthClients.command("create [json]").description("Create a new OAuth client").option("--name <name>", "Client name").option("--scopes <scopes>", "Allowed scopes (comma-separated)").option("--save", "Save credentials to config for automatic re-authentication").action(
+    withErrorHandler(async (json, _opts, cmd) => {
+      const opts = cmd.opts();
+      let body;
+      if (json) {
+        body = await parseJsonInput(json);
+      } else if (opts.name || opts.scopes) {
+        const payload = {};
+        if (opts.name) payload.clientName = opts.name;
+        if (opts.scopes) payload.allowedScopes = opts.scopes.split(",").map((s) => s.trim());
+        body = payload;
+      } else {
+        body = await parseJsonInput();
+      }
+      const client = createClient(cmd);
+      const format = getFormat(cmd);
+      const response = await client.rawRequest("POST", "/me/oauth-clients", { body });
+      const data = response.data;
+      if (opts.save) {
+        const globalOpts = resolveOptions(cmd);
+        const clientId = data.clientId;
+        const clientSecret = data.clientSecret;
+        if (!clientId || !clientSecret) {
+          printError("Response missing clientId or clientSecret. Cannot save credentials.");
+          outputResponse(response, format);
+          printSuccess("OAuth client created.");
+          return;
+        }
+        const baseUrl = validateUrl(globalOpts.url);
+        const tokenResult = await clientCredentialsGrant({
+          baseUrl,
+          clientId,
+          clientSecret,
+          scope: data.allowedScopes?.join(" ")
+        });
+        const config = loadConfig(globalOpts.profile);
+        config.clientId = clientId;
+        config.clientSecret = clientSecret;
+        config.token = tokenResult.access_token;
+        delete config.refreshToken;
+        saveConfig(config, globalOpts.profile);
+        printInfo("Client credentials saved to config. Auto-reauth enabled.");
+      } else {
+        printWarning(
+          "Save the clientSecret now \u2014 it will not be shown again."
+        );
+      }
+      outputResponse(response, format);
+      printSuccess("OAuth client created.");
+    })
+  );
+  addExamples(create, [
+    {
+      description: "Create an OAuth client with flags",
+      command: "geonic me oauth-clients create --name my-ci-bot --scopes read:entities,write:entities"
+    },
+    {
+      description: "Create and save credentials for auto-reauth",
+      command: "geonic me oauth-clients create --name my-ci-bot --save"
+    },
+    {
+      description: "Create an OAuth client from JSON",
+      command: `geonic me oauth-clients create '{"clientName":"my-bot","allowedScopes":["read:entities"]}'`
+    }
+  ]);
+  const del = oauthClients.command("delete <id>").description("Delete an OAuth client").action(
+    withErrorHandler(async (id, _opts, cmd) => {
+      const client = createClient(cmd);
+      await client.rawRequest(
+        "DELETE",
+        `/me/oauth-clients/${encodeURIComponent(String(id))}`
+      );
+      printSuccess("OAuth client deleted.");
+    })
+  );
+  addExamples(del, [
+    {
+      description: "Delete an OAuth client",
+      command: "geonic me oauth-clients delete <client-id>"
+    }
+  ]);
 }
 
 // src/commands/auth.ts
@@ -1208,13 +1480,25 @@ function registerAuthCommands(program2) {
     }
   ]);
   auth.addCommand(logout);
-  const me = program2.command("me").description("Display current authenticated user").action(createMeAction());
+  const me = program2.command("me").description("Display current authenticated user and manage user resources");
+  const meInfo = me.command("info", { isDefault: true, hidden: true }).description("Display current authenticated user").action(createMeAction());
   addExamples(me, [
+    {
+      description: "Show current user info",
+      command: "geonic me"
+    },
+    {
+      description: "List your OAuth clients",
+      command: "geonic me oauth-clients list"
+    }
+  ]);
+  addExamples(meInfo, [
     {
       description: "Show current user info",
       command: "geonic me"
     }
   ]);
+  addMeOAuthClientsSubcommand(me);
   program2.addCommand(createLoginCommand(), { hidden: true });
   program2.addCommand(createLogoutCommand(), { hidden: true });
   const hiddenWhoami = new Command("whoami").description("Display current authenticated user").action(createMeAction());
@@ -1310,119 +1594,6 @@ function registerProfileCommands(program2) {
   ]);
 }
 
-// src/input.ts
-import JSON5 from "json5";
-import { readFileSync as readFileSync2 } from "fs";
-import { createInterface as createInterface2 } from "readline";
-async function parseJsonInput(input) {
-  if (input !== void 0) {
-    if (input === "-") return parseData(readFileSync2(0, "utf-8"));
-    if (input.startsWith("@")) return parseData(readFileSync2(input.slice(1), "utf-8"));
-    return parseData(input);
-  }
-  if (!process.stdin.isTTY) {
-    return parseData(readFileSync2(0, "utf-8"));
-  }
-  return readInteractiveJson();
-}
-function parseData(text) {
-  return JSON5.parse(text.trim());
-}
-async function readInteractiveJson() {
-  const rl = createInterface2({
-    input: process.stdin,
-    output: process.stderr,
-    prompt: "json> "
-  });
-  process.stderr.write("Enter JSON (auto-submits when braces close, Ctrl+C to cancel):\n");
-  rl.prompt();
-  const lines = [];
-  let depth = 0;
-  let started = false;
-  let inBlockComment = false;
-  let inString = false;
-  let stringChar = "";
-  let cancelled = false;
-  return new Promise((resolve, reject) => {
-    rl.on("SIGINT", () => {
-      cancelled = true;
-      rl.close();
-    });
-    rl.on("line", (line) => {
-      lines.push(line);
-      const result = trackDepth(line, depth, started, inBlockComment, inString, stringChar);
-      depth = result.depth;
-      started = result.started;
-      inBlockComment = result.inBlockComment;
-      inString = result.inString;
-      stringChar = result.stringChar;
-      if (started && depth <= 0 && !inBlockComment && !inString) {
-        rl.close();
-        try {
-          resolve(parseData(lines.join("\n")));
-        } catch (err) {
-          reject(err);
-        }
-      } else {
-        rl.setPrompt("...  ");
-        rl.prompt();
-      }
-    });
-    rl.on("close", () => {
-      if (cancelled) {
-        reject(new Error("Input cancelled."));
-        return;
-      }
-      if (lines.length > 0 && (!started || depth > 0 || inBlockComment || inString)) {
-        try {
-          resolve(parseData(lines.join("\n")));
-        } catch (err) {
-          reject(err);
-        }
-      } else if (lines.length === 0) {
-        reject(new Error("No input provided."));
-      }
-    });
-  });
-}
-function trackDepth(line, depth, started, inBlockComment, inString, stringChar) {
-  for (let i = 0; i < line.length; i++) {
-    const ch = line[i];
-    const next = i + 1 < line.length ? line[i + 1] : "";
-    if (inBlockComment) {
-      if (ch === "*" && next === "/") {
-        inBlockComment = false;
-        i++;
-      }
-      continue;
-    }
-    if (inString) {
-      if (ch === "\\" && i + 1 < line.length) {
-        i++;
-      } else if (ch === stringChar) {
-        inString = false;
-      }
-      continue;
-    }
-    if (ch === "/" && next === "/") break;
-    if (ch === "/" && next === "*") {
-      inBlockComment = true;
-      i++;
-      continue;
-    }
-    if (ch === '"' || ch === "'") {
-      inString = true;
-      stringChar = ch;
-    } else if (ch === "{" || ch === "[") {
-      depth++;
-      started = true;
-    } else if (ch === "}" || ch === "]") {
-      depth--;
-    }
-  }
-  return { depth, started, inBlockComment, inString, stringChar };
-}
-
 // src/commands/attrs.ts
 function addAttrsSubcommands(attrs) {
   const list = attrs.command("list").description("List all attributes of an entity").argument("<entityId>", "Entity ID").action(
@@ -3379,7 +3550,7 @@ function createProgram() {
   const require2 = createRequire3(import.meta.url);
   const pkg = require2("../package.json");
   const program2 = new Command2();
-  program2.name("geonic").description(pkg.description).option("-u, --url <url>", "Base URL of the GeonicDB server").option("-s, --service <name>", "NGSILD-Tenant header").option("--token <token>", "Authentication token").option("-p, --profile <name>", "Use a named profile").option("--api-key <key>", "API key for authentication").option("-f, --format <fmt>", "Output format: json, table, geojson").option("--no-color", "Disable color output").option("-v, --verbose", "Verbose output");
+  program2.name("geonic").description(pkg.description).option("-u, --url <url>", "Base URL of the GeonicDB server").option("-s, --service <name>", "NGSILD-Tenant header").option("--token <token>", "Authentication token").option("-p, --profile <name>", "Use a named profile").option("--api-key <key>", "API key for authentication").option("-f, --format <fmt>", "Output format: json, table, geojson").option("--no-color", "Disable color output").option("-v, --verbose", "Verbose output").option("--dry-run", "Print the equivalent curl command without executing");
   registerHelpCommand(program2);
   registerConfigCommand(program2);
   registerAuthCommands(program2);